Draft legislation to impose fines on companies that refuse to provide wiretap facilities to US federal agents is in the planning stages, government officials have told the Washington Post under condition of anonymity.
Initial plans are for an automatic fine for refusal in the range of tens of thousands of dollars, an amount that …

Re: Dangerous thinking ..

I don't know that that is completely true. If the servers were operated by a foreign subsidiary - like is done for tax purposes, then that subsidiary wouldn't fall under the US's jurisdiction I don't think? Not to mention, if the US request would breach local laws, the company could be in serious trouble for complying.

Re: Dangerous thinking ..

Re: Dangerous thinking ..

You are totally wrong.

congress passed a law extending the jurisdiction of all Federal US laws to the whole planet. Thus the operations in the EU by a company that even just has a small office in the US is subject to US laws.

If said company wants to continue to do business in the US then they will kneel down and take their shafting nicely.

Do not have anything to do with a company that trades in the US when it comes to your data. It is fully open to access by Uncle Sam and there is sod all you can do about it.

Re: Dangerous thinking ..

> congress passed a law extending the jurisdiction of all Federal US laws to the whole planet.

The US congress can say what they fscking well like.

In practice, they have no means to implement those laws in foreign countries. They could take their ire out on companies that operate in the US, but they cannot compel a US company to make a foreign company break the laws of another country where they are operating.

Re: Dangerous thinking ..

all sorts of pressure (legal)can be applied making it very difficult for that company to continue to operate in the US.

In practice companies just roll over and give the Feds everything they want especially if the company is Incorporated in the US.

All it takes is for one Fed dept to make one phone call to say the IRS and you will be knee deep in tax inspectors for the next year. Or to the DHS/INS and suddenly all your key workers green cards are invalid, key personnel can't travel because they have appeared on 'No-Fly' lists.

You bank accounts become frozen for no apparent reason making you unable to pay your workers.

Photoshopped pictures of you with your 'mistress' appear in the press.

etc

etc

etc

Do not underestimate what Uncle Sam can do if they put their mind to it.

There have been cases where even German Records have been turned over to the Feds despite German Privacy laws and the courts prohibiting it. By the time they got involved, the damage was done.

The moral is, never put any of your critical data outside your own direct control and most certainly not under the control of hosting/cloud companies such as MS or Amazon. You might as well just sign that data away from day 1.

Re: Dangerous thinking ..

Data located in Australia but owned or operated by a US company could be accessed under a Patriot Act request, even if this violates National Privacy Principles, a legal expert has warned.

Connie Carnabuci, a partner of the law firm Freshfields Bruckhaus Deringer, said that under the Act which was passed in 2001, US authorities have the ability to pass orders for the disclosure of non-US data that is stored outside the country. “The basis for that disclosure is that you have to establish a sufficient connection with the US,” she said.

“One is that you have a US company with foreign subsidiaries outside the US, such as a service provider setting up in the Asia Pacific. The second might be that you have a non-US company that sets up a US subsidiary.”

Would that it were so.

I don't know what law the grandparent poster (AC) is referring to, but you only have to look at ACTA (http://en.wikipedia.org/wiki/ACTA) to see an example of the U.S. using its economic weight to force other countries to do the bidding of American corporations. For rampant privacy invasion, check the PNR (http://en.wikipedia.org/wiki/Passenger_Name_Record) history, in which the U.S. pressured the EU into sending passenger info to the TSA before the flight leaves. They ``promised'' it would be used only for anti-terrorist purposes, but they've reneged on that, and roughly the entire federal government now has access to the data.

So long as the U.S. packs sufficient clout to present a credible economic threat to its subject nations, we're all screwed. The way things are going, though, maybe the U.S. economy will weaken so much that no one cares anymore.

[Beer because that's what I'm drinking now. Maybe it'll help me feel better about all this.]

Re: Dangerous thinking ..

Re: Dangerous thinking ..

I've never agreed with the intrusive thinking in the Patriot Act - all we needed was inter departmental sharing to prevent the next 911, in fact we had the information to prevent the original 911 already! It is just ridiculous how we Americans "The land of the brave" got wimpy and caved to the alarmist gubbamint controllers on this!

We in the US need to remember we are not a bunch of crybabies, and get rid of this waste of tax payer dollars. I don't care if it leads to the occasional Boston bombing, we should have guts enough to take in in the shorts once and a while - Did the Londoners whine and complain during the Blitz!?

Bloody dangerous move this.

Not just for civil and criminal rights, but the thin end of the wedge for government to get at all personal data, how so ever innocent, without a properly heard warrant; privacy groups should be jumping on this like rabid Mongeese.

Re: Bloody dangerous move this.

But...

""We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that."

Eh, didn't most other countries also used to have Kings, Emperors, and other various despot rulers? But, um, not the US, right? So maybe since our FBI is saying we need what other countries have, we should allow $Deity to ordain our next leader, and he/she can be leader for life. Perhaps, even, we should model ourselves after North Korea, as they are a fine example of Democracy and Liberty done right. Pity the FBI, as the current Constitution has stripped them of far too many of the possible powers and abilities that they need to keep the sheeple safe.

Re: But...

"We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that."

I remember the good old days when we (the USA) used to have that as well.

When it was a matter of waking up a judge to get a warrant signed before sending a technician to the telco central office to physically clip a tap onto a subscriber loop it wasn't an issue. The FBI worked with the limitations. Now that the technology allows 'drag and drop' tapping, suddenly the delay is intolerable.

Sure, my ISP will comply. Just send in the work order (still on triplicate carbon paper) and our IT tech will chase the subnet under the raised floor and plug you in to the proper subnet router. Just wait your turn while he is crawling around under the secretaries desks, fixing the office PC drops. Priorities, you know.

Re: But...

Re: But...

Depends on how the encryption is implemented I guess.

For your bog standard SSL , a stealth redirect of your DNS and IP traffic through a MITM snoop server that either fakes up the certificate, or they lean on the actual issuer to give them the private key using the same powers.

Symantec (Verisign/Noron) are US based,

Comodo? US Based

Digicert? US Based

Entrust? US Based

GlobalSign? US Based

GoDaddy? US Based

TrendMicro are Japan Based, not sure that is going to help much though.

For more serious encryption regimes, then I guess they will have to break in and put the bugs on your keyboard etc. as normal.

Qui Custodiet Custodes

For most of human history, no entity could look at people's mail, except in dictatorships. We are giving bureaucrats far too much power to control us, all for a little extra security.

Note that this only impacts people in the US. Foreign bad guys and cyberspies are exempt. The NSA mission has expanded from extra-territorial communications to all communications, for no better reason than control is power.

It's time to stop this before we all devcide we'd be better of in Russia or China!

@ AC 1858GMT - Re: Qui Custodiet Custodes

More Scope Creep

"Federal forces protest that they have been outfoxed by moves such as the shift to https and messaging encryption,"

And they will continue to be so. If if they are outfoxed what is the point of additional laws? The crims they are after will always be one step ahead and the "Federal Forces" know that - but it seems like a good excuse for having laws which will scope creep so that the whole, nominally law abiding population, can be monitored and their privacy invaded..

Rights of citizens must be equally upheld

Our governments have a history of misusing their 'right' to spy on us which doesn't inspire confidence that they are working for the public good.

I think we need an independent, elected overseer who is provided details and motive for every wiretap / search warrant etc. (they must be bound to keep those details secret). If there are indications that those rights are being misused they can raise a general alert to the public and an investigation can be requested.

Is that what it's really about?

Is it really about companies refusing court orders and warrants? Or is it (as I suspect) about companies refusing illegal warrantless wiretaps and various "letters" and "procedures" (which are also illegal) that the feds now like to use? If so, well, those are illegal and if I were running a company I would refuse them too.

Re: Is that what it's really about?

"Indeed, and the world would applaud you for it. Then you would pay, like Joseph Nacchio, former CEO of Qwest."

This is true. And people should read about this. Pretty ridiculous. He followed the law (advised those requesting warrantless wiretaps that he and his company would be open to fines and sanctions without proper warrants and they would not do it.) A few large contracts were cancelled and given to AT&T instead. Then, he was brought up and convicted on insider trading charges related to claims he knew ahead of time these contracts would be cancelled.

Big Brother is Now

Re: Big Brother is Now

It's been here for years but it's only now that they have become so brazen where they really don't give a shit if everyone knows about because it's far too late. One of the reasons they have paid so close attention to the Arab spring uprisings is to learn what countermeasures are the most effective.

Sigh.....

"We don't have the ability to go to court and say, 'We need a court order to effectuate the intercept.' Other countries have that. Most people assume that's what you're getting when you go to a court."

Avoid the US

End to end encryption...

...communication methods are the only way forward - even then some have back doors. Review the code. ;)

Basically if you use your intelligence and expertise in helping others be free, the US government will want you bagged. So if you are going to do that, make sure you make no money off of it, and there is nothing central about it - public key encryption etc. Then they can get all hissy about it while we laugh and show them to be who they really are - a bunch of commies. (Sorry to use such old and incorrect terminology there. I just don't like tyrants - for the people or not.)

judicial review

"After 90 days, a judicial review would be held which COULD double the monetary reparations and POSSIBLY impose extra charges." [emphasis added]

Does this also mean that the judicial review could result in the judge telling the feds to get stuffed? Some judges take the tenth amendment (generally, against federal commandeering of state apparatus) seriously and pro'ly won't look more kindly on federal commandeering of private corporate data/ systems/ stuff.

Balance

In the interests of fairness and balance, perhaps the people should be allowed to go read the contents of FBI emails on request. Similarly for those of politicians.

Any government performing wiretaps should be obliged to disclose to the subject of that tap its existence and nature no later than two years after starting it, unless extended (with a time limit) by a judge. I'm sure that might make them think twice about asking for a tap, at least once the scale of the activity came to light as disclosures were made. (Of course, this assumes that they wouldn't find a way to 'lose' records.)